[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: GPG needed for CVS trunk?

From: Mark D. Baushke
Subject: Re: GPG needed for CVS trunk?
Date: Fri, 12 Jan 2007 15:52:34 -0800

Hash: SHA1

Peter Toft <address@hidden> writes:

> > Peter Toft <address@hidden> writes:
> > 
> > > I just wanted to verify my latest CVS error
> > > <> with the trunk CVS version,
> > > so I checked out CVS from ... CVS, and compiled it.
> > 
> > A very adventurous thing to do. Be advised that the trunk CVS does not
> Yep - If you can give me at resonable tag I can easily try...
> > work on all hosts yet. Feel free to submit patches to get it working
> > under additional hosts.
> on my Linux box it compiles fine at least.

Yeah, the only GNU/Linux box with problems is an older 2.2 or 2.4 kernel
running on a non-intel hardware... I forget which one.

> > > When using the trunk CVS and running "cvs init" I then got errors about 
> > > needing gpg secret key. I cannot find documentation about this or know 
> > > how 
> > > to disable this binding to GPG. Can anyone comment and help me there?
> > 
> > Well, the point of the new OpenPGP (initially only looking for GnuPG
> > support) is to ensure that all commits are signed. So, you probably want
> > to generate a GnuPG key-pair and start using them for your commits.
> > 
> > That said, you could tell your client not to bother about such things as
> > signing by doing this:
> > 
> >     cvs --no-sign init
> > 
> > but you are probably going to be unhappy about most cvs operations that
> > modify or verify things if you do not have a GnuPG key-pair.
> Exactly - I hope that I can disable this in one of the CVSROOT 
> files per module of per repository.

Not at present, but I am not sure if Derek is entirely finished with the
feature or not.

> I understand the idea, but want at least to be able to select when to 
> use this feature.

I believe it is pretty much hard-coded for now. You could hack the
configure to avoid GnuPG totally...

   ./configure GPG=/bin/false

This means that it will behave as if your system does not have a GnuPG
that is functional. So, the client and server generated will not try to
sign anything at all.

> > You will probably also find it highly desirable to look at the gpg-agent
> > program which is a part of the GnuPG 2.x series of GnuPG programs.
> > 
> > Documentation is present in the ccvs/doc/cvs.texinfo file under the
> > 'OpenPGP Signatures' section.
> Thanx - excellent mail Mark!
> Peter Toft, Ph.D. address@hidden
> Følg min Linux-blog på

        -- Mark
Version: GnuPG v1.4.6 (FreeBSD)


reply via email to

[Prev in Thread] Current Thread [Next in Thread]